Typical one-time password validation systems do not allow validation of more than one authentication request using the same passcode. For example, if a first entity requests authentication based on a passcode, a second entity requesting authentication based on the same passcode will not receive validation, even if the first request was validated. This is problematic in computing systems utilizing untrusted delegation. In a system utilizing untrusted delegation, once a user's credentials (e.g., user name and password) are validated, the credentials are propagated to other components in the system for validation. One-time password validation also is problematic in systems utilizing direct authentication. In a system utilizing direct authentication, each component of a system is directly authenticated, by a validation server or the like, via an authentication protocol, such as a challenge-response protocol. Validated credentials for one component of the system however, do not carry over to other components in the system.